In the days prior to Thanksgiving 2013, malware designed to steal credit card data at Target was surreptitiously installed. According to Bloomberg BusinessWeek, the company had installed a malware detection tool. Target had specialists in Bangalore to monitor its computers around the clock. Two days after Thanksgiving, the malware was spotted. The team in India got an alert and flagged Target’s security managers. And then?

Nothing happened. Target’s alert system had worked effectively. But then, Target stood by as 40 million credit card numbers flowed out of its computers. Only a few months later, CEO Gregg Steinhafel and CIO Beth Jacob were both out of the company.

Cybersecurity has become widely recognized as a critical corporate challenge. Boards and senior managements are putting it on their agenda, categorizing cybersecurity not as a compartmentalized risk for the information technology team, but as strategic and enterprise-wide.

However, a security program is only as strong as its weakest link. While a survey by the Institute of Internal Auditors found 58% of board members felt they should be actively involved in cybersecurity preparedness, only 14% said they were actively involved. Unfortunately, 65% also said their perception of the risk their organizations faced had increased.

Board members and senior managers need to become more educated about the topic to be able to ask questions that are strategic yet granular enough to address company-specifics. To go further, it will be imperative to join Cybersecurity Boardroom Workshop 2015, the first seminar targeted at strategic and executive leaders for whom cybersecurity readiness is a relatively new yet critically important area to be intelligently conversant about.

Cybersecurity Boardroom Workshop 2015 is specifically designed for board members and senior executives of public and private firms looking for new ways to gain and maintain competitive business advantage. Business executives with responsibility for IT, finance, compliance, risk management and procurement as well as entrepreneurs and innovators are welcome.

By the end of Cybersecurity Boardroom Workshop 2015, to be held in Dubai, March 8-9, Hong Kong, March 12-13, Seoul, March 19-20, Singapore, March 26-27, London, 9-10 April, and New York City, April 16-17, participants will:

Understand enterprise cybersecurity and the impact on shareholder value in the short and long term

Identify immediate security needs for the organization with actionable steps for senior management

Learn how to identify current and future challenges to better enable management to focus on threat reduction and operational reliability

Get up to speed on international and domestic approaches and frameworks for effective cybersecurity practices corporate wide

DAY 1: UNDERSTANDING THE CYBER WORLD

Understanding Cybersecurity

The trillion dollar global cyber risk environment

The enterprise-wide challenge of protecting the organization’s assets

The impact of cybersecurity attacks on shareholder value

Identity theft and the legal implications of data breaches

Social Engineering: The “Weakest Human Link” in Cybersecurity

The responsibility for cybersecurity in the organization

Assessing the quality of the cybersecurity workforce

Evaluating shortcomings in meeting cybersecurity workforce standards

Assessing the effectiveness of current professionalization tools

Understanding the Cybersecurity Testing Method

Reconnaissance: How to use tools to find vulnerable systems and devices

Packet sniffing: How to gather information from computer systems

Port scanning: How port information is exposed on computer systems

Password policy and cracking: What to consider when developing password policy

Vulnerability: How to reduce attacks by enforcing proactive compliance policies

Basics of Security Architecture for Board Members and CXOs

How architecture defines the structure of a system and makes it explicit

The fundamentals of layered architecture: presentation, business, data, and service layers

How the current computer network infrastructure was not designed originally to be secure

Embedding architecting security into systems from inception

DAY 2: RESPONDING TO THE CYBERSECURITY CHALLENGE

Introduction to NIST’s Cybersecurity Framework

Describing the enterprise’s current and target cybersecurity posture

Identifying and prioritizing opportunities for improvement

Assessing and accelerating progress toward the target state

Communicating with internal and external stakeholders about cybersecurity risk